Using escrowed public keys to enhance confidence in an image authentication scheme

Because image manipulation by computer is so easy, it is hard to be sure that an image was created at the time and place claimed, and that it has not been altered since. To gain this confidence requires a chain of evidence linking the collection of bits representing the image back to the camera that made that image. We therefore sign each image made with the secret key of the camera. It also requires that any cryptographic checksums used to implement the chain of evidence ensure that no other image can be substituted for the correct one, even though a very long period of time might be available for a malefactor to search exhaustively for one that matches any checksum. We must make sure that any fraud will be detected. Our proposed solution uses two key pairs. Each image is signed with two private keys belonging to the originating camera. One of the corresponding public keys is displayed on the back of the camera while the other (escrowed) key is in the camera manufacturer´s audit log. A court order can, when necessary, be used to obtain this information. Without it, a malefactor cannot forge the second signature